IT workers are typically some of the most trusted employees at any company. They are relied upon to not only put out technical support fires; they are also entrusted with maintaining and protecting the security, health, and well-being of a company's information technology infrastructure. Most IT professionals have an inherent pride about their work and skills and strive to do the best they can to serve their customers: the users of the technology they manage.

Once in a while, though, an IT worker gets disgruntled about an event at the company—typically his or her dismissal or some other disciplinary action— and enacts revenge the best way he or she knows how: through technology. If there's anyone who'd know how to exploit your technological weaknesses, it's your own IT staff. It doesn't happen often, but when your IT turns rogue, their attacks can be devastating. Their sabotage can come in the form of databases mined, networks hacked, sites taken down, or virtual servers that run vital operations, deleted into oblivion. The wake of destruction can cost companies thousands, sometimes millions of dollars in remediation and reconstruction, legal prosecution, and public relations repair required to regain customer confidence that the company's network (and customer data) is safe.

From inserting porn into the CEO's PowerPoint presentation to spreading time bomb malware to servers, the following slides take a look at some of the disastrous consequences companies have suffered at the hands of a vexed IT staffer.

1
Angry IT Admin Cripples Employer's Network from McDonald's

An IT Administrator, angry over his employer's firing of a friend, crippled the company's network while using Wi-Fi at his local McDonald's. Jason Cornish, former IT Administrator at a US-based division of a Japanese company, Shionogi, Inc., deleted 15 virtualized machines that ran 88 servers for the company. He did this dirty deed while connected to the Wi-Fi at the fast-food restaurant. That decision for the locale from which to mete out his revenge was a costly one, as FBI agents were able to track him down through a credit card purchase he made at that McDonald's.

Cornish wiped out most of Shinogi's infrastructure including its email and Blackberry servers and its financial system. Company spokesman estimated the loss to be about $800,000.

2
IT Worker Sickens Hospital's Network

Jason Wang, angered over his firing from the IT department of North General Hospital in NYC, accessed his former company's network and wreaked havoc on its information systems. He is said to have stolen patient records and test results. Wang also accessed the network using a doctor's credentials and sent scathing emails to management under the guise of the doctor. He was arrested and charged with computer trespass, unauthorized use of a computer, and fourth-degree computer tampering.

3
Negative Performance Evaluation Prompts Insider Attack

A network engineer who resigned in fury after a negative performance evaluation, took his frustrations out on the computer network of his former employer, the North County Health Services clinic in California.
Jon Paul Oson deleted data and software on several of the facility's servers, and some of the data in question included patient healthcare information. His actions caused not only financial loss, but jeopardized patient treatment. He was sentenced to 63 months behind bars and ordered to pay more than $409,000 in restitution.

4
Dismissed IT Worker Places Porn in CEO's PowerPoint Presentation

After being fired from his position, an IT director for Baltimore Substance Abuse Systems, continued to use the company's network for more than a month. Walter Powell used keyloggers to steal employee passwords and sent an email to the entire company using the CEO's credentials.
Even that did not slake his thirst for revenge. In a final act of mischief, Powell slipped an image of a naked woman into a PowerPoint presentation the CEO was giving on a 64-inch projection screen. Audience members included city officials and the Baltimore health commissioner. He was sentenced to three years of probation and 100 hours of community service.

5
IT Director Spitefully Deletes Organ Donation Records

A former IT Director, used her know-how to gain access into her former employer's network—a nonprofit organ and tissue donation center—and deleted database files and software applications, as well as their backups. This data related to organ and tissue recovery operations.
Danielle Duann committed the crime via a remote connection from her home. To hide her illicit actions she disabled logging functions on several of the company's servers and then erased logs of her remote access.

She received two years in prison, three years of supervised release, and was ordered to pay $94,222 in restitution.

6
Ex-UBS Systems Admin Takes Down 2000 Servers

A former system administrator for UBS was chagrined after not receiving as large a bonus as he expected. He quit the company and then plotted an elaborate security breach that ended up taking down 2,000 servers at UBS Paine Webber's central New Jersey office. The stunt cost the company more than $3 million dollars to get the system, primarily used for trading, back up and running.

Roger Duronio wrote malicious code and then deployed it throughout his former employer's network. But he didn't stop at planting the time-bomb malware. Instead, before the code infected the system, he purchased stock options that would pay out only of the UBS' stock plummeted within a specific amount of time—11 days from his attack. With his malware, Duronio knew when the company would experience massive downtimes, and therefore a massive stock price drop.
Duronio is currently serving 97 months in jail.

About the Author

Samara Lynn has nearly twenty years experience in Information Technology; most recently as IT Director at a major New York City healthcare facility. She has a Bachelor's degree from Brooklyn College, several technology certifications, and she was a tech editor for the CRN Test Center.
With an extensive, hands-on background in deploying and manag... See Full Bio

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.